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We claim: 

1 . A system for controlling access to a communications network associated 
with a network service, the system comprising: 

a service controller, comprising at least one session initiation protocol (SIP) 
proxy server, that receives a request for the network service from an initiating end 
system and instructs the initiating end system to perform a connection setup 
request, the instructing comprising specification of a unique identifier to be 
included in the connection setup request, the unique identifier correlating the 
connection setup request and the network service; and 

at least one switching device that receives the connection setup request 
from the initiating end system, the switching device processing the connection 
setup request based on the unique identifier and at least one of service policy and 
logic associated with the network service, and performing one of establishing a 
network connection to a terminating end system and rejecting the connection setup 
request based on the processing, in accordance with the at least one of service 
policy and logic. 

2. The system for controlling access to a communications network 
associated with a network service according to claim 1, in which the service 
controller pushes the at least one of service policy and logic into the at least one 
switching device prior to instructing the originating end system to perform a 
connection setup request. 

3. The system for controlling access to a communications network 
associated with a network service according to claim 2, in which the connection 
setup request is in accordance with resource reservation protocol (RSVP) and the 
pushing the at least one of service policy and logic into the switching device is in 
accordance with common open policy service - policy rule (COPS-PR) protocol. 

4. The system for controlling access to a communications network 
associated with a network service according to claim 1, in which the at least one 
switching device pulls the at least one of service policy and logic from the service 
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controller after receiving the connection setup request from the initiating end 
system. 

5. The system for controlling access to a communications network 
associated with a network service according to claim 4, in which the connection 
setup request is in accordance with resource reservation protocol (RSVP) and the 
pulling the at least one of service policy and logic into the switching device is in 
accordance with common open policy service (COPS) protocol. 

6. The system for controlling access to a communications network 
associated with a network service according to claim 1, in which the at least one 
switching device queries the service controller and receives information 
representing application of the at least one of service policy and logic in response 
to the query. 

7. The system for controlling access to a communications network 
associated with a network service according to claim 6, in which the connection 
setup request is in accordance with resource reservation protocol (RSVP) and the 
querying the service controller by the switching device and the receiving 
information representing application of the at least one of service policy and logic 
in response to the query is in accordance with common open policy service 
(COPS) protocol. 

8. The system for controlling access to a communications network 
associated with a network service according to claim 1, the at least one switching 
device comprising an Internet protocol router. 

9. The system for controlling access to a communications network 
associated with a network service according to claim 8, in which the connection 
setup request is in accordance with resource reservation protocol (RSVP). 

10. The system for controlling access to a communications network 
associated with a network service according to claim 1, the at least one switching 
device comprising a multi-protocol label switching (MPLS) label switching router. 
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11. The system for controlling access to a communications network 
associated with a network service according to claim 10, in which the connection 
setup request is in accordance with one of RSVP-te and constraint-based routed 
label distribution protocol (CR-LDP). 

12. The system for controlling access to a communications network 
associated with a network service according to claim 1, the at least one switching 
device comprising an optical switching device controlled by generalized multi- 
protocol label switching (GMPLS). 

13. The system for controlling access to a communications network 
associated with a network service according to claim 12, in which the connection 
setup request is in accordance with one of RSVP-te and constraint-based routed 
label distribution protocol (CR-LDP). 

14. The system for controlling access to a communications network 
associated with a network service according to claim 1, the at least one switching 
device comprising a time division multiplexing (TDM) switching device 
controlled by generalized multi-protocol label switching (GMPLS). 

15. The system for controlling access to a communications network 
associated with a network service according to claim 14, in which the connection 
setup request is in accordance with one of RSVP-te and constraint-based routed 
label distribution protocol (CR-LDP). 

16. A system for controlling access to a communications network 
associated with a network service, the system comprising: 

a service controller, comprising at least one session initiation protocol (SIP) 
proxy server, that receives a request for the network service from an initiating end 
system to access the network service, provides the initiating end system with an 
enabling certificate, comprising at least one of service policy and logic associated 
with the network service, and a unique setup identifier, and instructs the initiating 
end system to perform a connection setup request that includes the certificate and 
the unique identifier; and 
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at least one switching device that receives the connection setup request 
from the initiating end system, the switching device processing the connection 
setup request based on the certificate and the unique identifier and performing one 
of establishing a network connection and rejecting the connection setup request 
based on the processing, in accordance with at least the certificate. 

17. The system for controlling access to a communications network 
associated with a network service according to claim 16, the at least one switching 
device comprising an Internet protocol router. 

18. The system for controlling access to a communications network 
associated with a network service according to claim 17, in which the connection 
setup request is in accordance with resource reservation protocol (RSVP). 

19. The system for controlling access to a communications network 
associated with a network service according to claim 16, the at least one switching 
device comprising a multi-protocol label switching (MPLS) label switching router. 

20. The system for controlling access to a communications network 
associated with a network service according to claim 19, in which the connection 
setup request is in accordance with one of RSVP-te and constraint-based routed 
label distribution protocol (CR-LDP). 

21. The system for controlling access to a communications network 
associated with a network service according to claim 16, the at least one switching 
device comprising an optical switching device controlled by general multi- 
protocol label switching (GMPLS). 

22. The system for controlling access to a communications network 
associated with a network service according to claim 21, in which the connection 
setup request is in accordance with one of RSVP-te and constraint-based routed 
label distribution protocol (CR-LDP). 

23. The system for controlling access to a communications network 
associated with a network service according to claim 16, the at least one switching 
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device comprising a time division multiplexing (TDM) switching device 
controlled by generalized multi-protocol label switching (GMPLS). 

24. The system for controlling access to a communications network 
associated with a network service according to claim 23, in which the connection 
setup request is in accordance with one of RSVP-te and constraint-based routed 
label distribution protocol (CR-LDP). 

25. A method for controlling access to capabilities of an Internet protocol 
(IP) network associated with an IP network service, the method comprising: 

processing at a service control, in accordance with a session initiation 
protocol (SIP), a request for the IP network service received from an initiating end 
system, the processing comprising instructing the initiating end system to perform 
a connection setup request and specifying a unique identifier to be included in the 
connection setup request, the unique identifier correlating the connection setup 
request and the IP network service; 

transferring at least one of policy and logic of the IP network service to at 
least one router from the service control; 

receiving from the initiating end system, at the at least one router, the 
connection setup request, including the unique identifier; 

processing the connection setup request based on the unique identifier and 
the at least one of policy and logic associated with the IP network service; and 

performing one of establishing an IP network connection to a terminating 
end system and rejecting the connection setup request based on the processing, in 
accordance with the at least one of policy and logic. 

26. The method for controlling access to capabilities of an IP network 
according to claim 25, in which the transferring the at least one of policy and logic 
of the IP network service to the at least one router comprises pushing the at least 
one of policy and logic from the service control prior to instructing the initiating 
end system to perform the connection setup request. 
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27. The method for controlling access to capabilities of an IP network 
according to claim 25, in which the transferring the at least one of policy and logic 
of the IP network service to the at least one router comprises pulling the at least 
one of policy and logic from the service control after instructing the initiating end 
system to perform the connection setup request. 

28. The method for controlling access to capabilities of an IP network 
according to claim 25, in which the connection setup request is in accordance with 
resource reservation protocol (RSVP). 

29. A method for controlling access to capabilities of an Internet protocol 
(IP) network associated with an IP network service, the method comprising: 

processing at a service control, in accordance with a session initiation 
protocol (SIP), a request for the IP network service received from an initiating end 
system, the processing comprising instructing the initiating end system to perform 
a connection setup request and specifying a unique identifier to be included in the 
connection setup request, the unique identifier correlating the connection setup 
request and the IP network service; 

transferring information representing the application of at least one of 
policy and logic of the IP network service to at least one router from the service 
control; 

receiving from the initiating end system, at the at least one router, the 
connection setup request, including the unique identifier; 

processing the connection setup request based on at least the unique 
identifier and the information representing the application of at least one of policy 
and logic associated with the IP network service; and 

performing one of establishing an IP network connection to a terminating 
end system and rejecting the connection setup request based on the processing, in 
accordance with the information representing the application of at least one of 
policy and logic. 
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30. The method for controlling access to capabilities of an IP network 
according to claim 29, in which the transferring the information representing the 
application of at least one of policy and logic of the IP network service to the at 
least one router comprises replying to a query from the at least one router after 
instructing the initiating end system to perform the connection setup request. 

31. The method for controlling access to capabilities of an IP network 
according to claim 29, in which the connection setup request is in accordance with 
resource reservation protocol (RSVP). 

32. A method for controlling access to capabilities of an Internet protocol 
(IP) network associated with an IP network service, the method comprising: 

processing at a service control, in accordance with a session initiation 
protocol (SIP), a request for the IP network service received from an initiating end 
system, the processing comprising instructing the initiating end system to perform 
a connection setup request and specifying a unique identifier to be included in the 
connection setup request, the unique identifier correlating the connection setup 
request and the IP network service; 

providing to the initiating end system a certificate that includes at least one 
of policy of the IP network service, logic of the IP network service, and 
information representing at least one of the policy and the logic of the IP network 
service; 

receiving from the initiating end system, at the at least one router, the 
certificate and the connection setup request, including the unique identifier; 

processing the connection setup request based on at least one of the 
certificate and the unique identifier; and 

performing one of establishing an IP network connection to a terminating 
end system and rejecting the connection setup request based on the processing. 

33. The method for controlling access to capabilities of an IP network 
according to claim 32, in which the connection setup request is in accordance with 
resource reservation protocol (RSVP). 
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